Security at PayFit

Keeping our customers' data secure is the most important thing to PayFit. We go to considerable lengths to ensure that all data sent to PayFit is handled securely. Keeping data safe (and encrypted) is fundamental to our business.

Best Practices

Incident Response Plan

We have implemented a formal procedure for security events and have trained all our staff internally on our policies.

When security events are detected, they are escalated to our emergency alias, and teams are paged, notified and assembled to rapidly address the event.

The analysis is reviewed in person, distributed across the company and includes action items that will make the detection and prevention of a similar event easier in the future.

Build Process Automation

We have functioning, frequently used automation in place so that we can safely and reliably roll out changes to both our application and operating platforms within minutes.

We typically deploy code dozens of times a day, so we have high confidence that we can get a security fix out quickly when required.

Infrastructure

All of our services run in the cloud. PayFit does not host our own routers, load balancers, DNS servers, or physical servers.

All our services and data are provided and hosted in Amazon Web Services (AWS) facilities in Paris, France. PayFit services have been built with disaster recovery in mind from the start.

All of our servers are within our own virtual private clouds (AWS VPC) with restricted and monitored network access control lists (ACLs) that prevent unauthorized requests from reaching our internal network. Public traffic goes through a single (audited) load balancer. Access to our internal services is possible via a VPN only.

Our VPN has a granular access control policy.

Data

All customer data is stored in the EU.

Customer data is stored in multi-tenant datastores; we do not have individual datastores for each customer. However, strict privacy controls exist in our application code to ensure data privacy and prevent one customer from accessing another customer's data. We have many unit and integration tests in place to ensure these privacy controls work as expected. These tests are run every time our codebase is updated, and a single failing test will prevent new code from being shipped to production.

All documents related to HR are stored on the AWS S3 service with a strong encryption key system (AWS KMS). No one but PayFit owns the keys to decrypt them and use them if necessary.

We use a MongoDB database to store all the data related to payroll. The data is stored on encrypted disks using advanced encryption.

Data Transfer

Our API and application endpoints are TLS/SSL only and score an "A" rating on SSL Labs' tests. This means we only use strong cipher suites and have features such as HSTS and Perfect Forward Secrecy fully enabled.

Authentication

PayFit is served 100% over HTTPS. PayFit runs a zero-trust corporate network.

Being on PayFit’s network grants no corporate resources or additional privileges.

Each user can set up two-factor authentication (2FA) to ensure the best security for their authentication.

Application Monitoring

On an application level, we produce audit logs for all activity.

All access to PayFit applications is logged and audited.

Bastion hosts are used to log in to devices via key-based SSH authentication.

All actions taken on production consoles or in the PayFit application are logged for full traceability.

Security Audits

We use technologies such as Logmatic, AWS CloudTrail and Security Monkey to provide an audit trail over our infrastructure and the PayFit application. Auditing allows us to do ad-hoc security analysis, track changes made to our setup and audit access to every layer of our stack.

GDPR readiness

At PayFit we are committed to protecting your information. We recently updated our Privacy Policy to clarify how we protect your personal information in keeping with the General Data Protection Regulation (GDPR). We implemented our readiness programme across our organization. This involves: